Socket

Self-spreading npm malware targets developers in new supply chain attack

February 24, 2026

Security researchers have uncovered another supply chain attack targeting developers: 19 typosquatting npm packages published on npmjs.com that steal credentials, infect …

Fake browser crash alerts turn Chrome extension into enterprise backdoor

January 19, 2026

Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. …

Resources

Download: Evaluating Password Monitoring Vendors
eBook: A quarter century of Active Directory
Download: Strengthening Identity Security whitepaper

Don't miss

IronCurtain: An open-source, safeguard layer for autonomous AI assistants
DeVry University’s CISO on higher education cybersecurity risk
Industrial networks continue to leak onto the internet
Scattered Lapsus$ Hunters seeks women for vishing attacks
The $19.5 million insider risk problem

Socket

Self-spreading npm malware targets developers in new supply chain attack

Fake browser crash alerts turn Chrome extension into enterprise backdoor

Featured news

Resources

Don't miss